The code describes a cross-site scripting (XSS) vulnerability in Elefant CMS 1.2.0 due to insufficient input sanitization. The vulnerability allows arbitrary script execution in the context of the affected site via a crafted URL parameter.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:Elefant CMS 1.2.0
No auth needed
Prerequisites:Access to the target URL with the vulnerable parameter